连接 redis-cli -h 127.0.0.1 -p 6379 -a 密码 查看数据库使用情况 info

注解 登陆认证 @RequiresAuthentication 权限认证 @RequiresPermissions("modifyUser") 角色认证 @RequiresRoles 不需要认证 @RequiresGuest 必须是改应用用户 @RequiresUser

为了支持响应式布局的情况下,发现图片宽度是写死的,于是添加了百分比功能 方法 直接修改官方源码 修改simditor.js 文件 官方版本 和修改文件的下地址 https://imsjw.com/article/simditor%20%E5%9B%BE%E7%89%87%E6%94%AF%E6%8C%81%E7%99%BE%E5%88%86%E6%AF%94/download/simditor.rar 在维持原有功能的情况下,添加图片百分比功能 使用方式 在设置图片大小时填写百分比数值 例子 10%

遵循阿里云编码规范 实体类命名 字段命名时不能以is开头 原因:mybatis映射JavaBeans时失败 org.mybatis.spring.MyBatisSystemException: nested exception is org.apache.ibatis.reflection.ReflectionException: Illegal overloaded getter method with ambiguous type for property vote in class class com.sykj.common.entity.VoteUser. This breaks the JavaBeans specification and can cause unpredictable results. at org.mybatis.spring.MyBatisExceptionTranslator.translateExceptionIfPossible(MyBatisExceptionTranslator.java:77) at org.mybatis.spring.SqlSessionTemplate$SqlSessionInterceptor.invoke(SqlSessionTemplate.java:446) at com.sun.proxy.$Proxy84.selectOne(Unknown Source) at org.mybatis.spring.SqlSessionTemplate.selectOne(SqlSessionTemplate.java:166) at org.apache.ibatis.binding.MapperMethod.execute(MapperMethod.java:83) at org.apache.ibatis.binding.MapperProxy.invoke(MapperProxy.java:59) at com.sun.proxy.$Proxy101.findById(Unknown Source) at com.sykj.common.CommonApplicationTests.contextLoads(CommonApplicationTests.java:27) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.springframework.test.context.junit4.statements.RunBeforeTestExecutionCallbacks.evaluate(RunBeforeTestExecutionCallbacks.java:73) at org.springframework.test.context.junit4.statements.RunAfterTestExecutionCallbacks.evaluate(RunAfterTestExecutionCallbacks.java:83) at org.springframework.test.context.junit4.statements.RunBeforeTestMethodCallbacks.evaluate(RunBeforeTestMethodCallbacks.java:75) at org.springframework.test.context.junit4.statements.RunAfterTestMethodCallbacks.evaluate(RunAfterTestMethodCallbacks.java:86) at org.springframework.test.context.junit4.statements.SpringRepeat.evaluate(SpringRepeat.java:84) at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325) at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.runChild(SpringJUnit4ClassRunner.java:251) at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.runChild(SpringJUnit4ClassRunner.java:97) at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290) at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71) at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288) at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58) at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268) at org.springframework.test.context.junit4.statements.RunBeforeTestClassCallbacks.evaluate(RunBeforeTestClassCallbacks.java:61) at org.springframework.test.context.junit4.statements.RunAfterTestClassCallbacks.evaluate(RunAfterTestClassCallbacks.java:70) at org.junit.runners.ParentRunner.run(ParentRunner.java:363) at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.run(SpringJUnit4ClassRunner.java:190) at org.junit.runner.JUnitCore.run(JUnitCore.java:137) at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:68) at com.intellij.rt.execution.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:47) at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:242) at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:70) Caused by: org.apache.ibatis.reflection.ReflectionException: Illegal overloaded getter method with ambiguous type for property vote in class class com.sykj.common.entity.VoteUser. This breaks the JavaBeans specification and can cause unpredictable results. at org.apache.ibatis.reflection.Reflector.resolveGetterConflicts(Reflector.java:138) at org.apache.ibatis.reflection.Reflector.addGetMethods(Reflector.java:108) at org.apache.ibatis.reflection.Reflector.<init>(Reflector.java:63) at org.apache.ibatis.reflection.DefaultReflectorFactory.findForClass(DefaultReflectorFactory.java:44) at org.apache.ibatis.reflection.MetaClass.<init>(MetaClass.java:39) at org.apache.ibatis.reflection.MetaClass.forClass(MetaClass.java:43) at org.apache.ibatis.executor.resultset.DefaultResultSetHandler.createResultObject(DefaultResultSetHandler.java:612) at org.apache.ibatis.executor.resultset.DefaultResultSetHandler.createResultObject(DefaultResultSetHandler.java:594) at org.apache.ibatis.executor.resultset.DefaultResultSetHandler.getRowValue(DefaultResultSetHandler.java:396) at org.apache.ibatis.executor.resultset.DefaultResultSetHandler.handleRowValuesForSimpleResultMap(DefaultResultSetHandler.java:355) at org.apache.ibatis.executor.resultset.DefaultResultSetHandler.handleRowValues(DefaultResultSetHandler.java:330) at org.apache.ibatis.executor.resultset.DefaultResultSetHandler.handleResultSet(DefaultResultSetHandler.java:303) at org.apache.ibatis.executor.resultset.DefaultResultSetHandler.handleResultSets(DefaultResultSetHandler.java:196) at org.apache.ibatis.executor.statement.PreparedStatementHandler.query(PreparedStatementHandler.java:64) at org.apache.ibatis.executor.statement.RoutingStatementHandler.query(RoutingStatementHandler.java:79) at org.apache.ibatis.executor.SimpleExecutor.doQuery(SimpleExecutor.java:63) at org.apache.ibatis.executor.BaseExecutor.queryFromDatabase(BaseExecutor.java:326) at org.apache.ibatis.executor.BaseExecutor.query(BaseExecutor.java:156) at org.apache.ibatis.executor.CachingExecutor.query(CachingExecutor.java:109) at com.github.pagehelper.PageInterceptor.intercept(PageInterceptor.java:143) at org.apache.ibatis.plugin.Plugin.invoke(Plugin.java:61) at com.sun.proxy.$Proxy128.query(Unknown Source) at org.apache.ibatis.session.defaults.DefaultSqlSession.selectList(DefaultSqlSession.java:148) at org.apache.ibatis.session.defaults.DefaultSqlSession.selectList(DefaultSqlSession.java:141) at org.apache.ibatis.session.defaults.DefaultSqlSession.selectOne(DefaultSqlSession.java:77) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.mybatis.spring.SqlSessionTemplate$SqlSessionInterceptor.invoke(SqlSessionTemplate.java:433) ... 36 more

##Spring IOC: 控制反转 Ioc—Inversion of Control:这是一种设计思想 控制反转必然涉及到谁控制谁,正转以及反转 ###控制 容器控制了对象,通常我们是自己创建对象,然后程序依赖对象 控制则是由容器控制控制外部资源的获取,比方说对象的创建,文件的获取 这些都是资源 ###反转 传统程序中是由我们自己创建并获取依赖对象也就是正转,反转则是由容器来创建和注入对象 ###优点 传统程序的创建对象和依赖导致了类与类直接的高耦合,难于测试 通过控制反转实现低耦合,便于测试,提高了复用性 ##DI 依赖注入 Dependency Injection 在系统运行中,动态的提供所需要的对象

做微信时发现用户昵称中有emoji 字符 导致数据库插入时出现问题 异常信息 ### Error updating database. Cause: java.sql.SQLException: Incorrect string value: '\xF0\x9F\x92\x97C' for column 'nickName' at row 1 ### The error may involve defaultParameterMap ### The error occurred while setting parameters ### SQL: insert into user ( nickName, openId, sex ) values ( ?, ?, ? ) ### Cause: java.sql.SQLException: Incorrect string value: '\xF0\x9F\x92\x97C' for column 'nickName' at row 1 ; uncategorized SQLException; SQL state [HY000]; error code [1366]; Incorrect string value: '\xF0\x9F\x92\x97C' for column 'nickName' at row 1; nested exception is java.sql.SQLException: Incorrect string value: '\xF0\x9F\x92\x97C' for column 'nickName' at row 1 org.springframework.jdbc.UncategorizedSQLException: ### Error updating database. Cause: java.sql.SQLException: Incorrect string value: '\xF0\x9F\x92\x97C' for column 'nickName' at row 1 ### The error may involve defaultParameterMap ### The error occurred while setting parameters ### SQL: insert into user ( nickName, openId, sex ) values ( ?, ?, ? ) ### Cause: java.sql.SQLException: Incorrect string value: '\xF0\x9F\x92\x97C' for column 'nickName' at row 1 ; uncategorized SQLException; SQL state [HY000]; error code [1366]; Incorrect string value: '\xF0\x9F\x92\x97C' for column 'nickName' at row 1; nested exception is java.sql.SQLException: Incorrect string value: '\xF0\x9F\x92\x97C' for column 'nickName' at row 1 org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:89) org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:81) org.springframework.jdbc.support.AbstractFallbackSQLExceptionTranslator.translate(AbstractFallbackSQLExceptionTranslator.java:81) org.mybatis.spring.MyBatisExceptionTranslator.translateExceptionIfPossible(MyBatisExceptionTranslator.java:73) org.mybatis.spring.SqlSessionTemplate$SqlSessionInterceptor.invoke(SqlSessionTemplate.java:446) com.sun.proxy.$Proxy72.insert(Unknown Source) org.mybatis.spring.SqlSessionTemplate.insert(SqlSessionTemplate.java:278) org.apache.ibatis.binding.MapperMethod.execute(MapperMethod.java:58) org.apache.ibatis.binding.MapperProxy.invoke(MapperProxy.java:59) com.sun.proxy.$Proxy73.insert(Unknown Source) com.threepoles.service.UserService.login(UserService.java:206) com.threepoles.service.UserService$$FastClassBySpringCGLIB$$ac05f20d.invoke(<generated>) org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:746) org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:294) org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:98) org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185) org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688) com.threepoles.service.UserService$$EnhancerBySpringCGLIB$$9e456499.login(<generated>) com.threepoles.service.UserService$$FastClassBySpringCGLIB$$ac05f20d.invoke(<generated>) org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:746) org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:294) org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:98) org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185) org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688) com.threepoles.service.UserService$$EnhancerBySpringCGLIB$$cd041f35.login(<generated>) com.threepoles.controller.UserController.initLogin(UserController.java:87) com.threepoles.controller.UserController$$FastClassBySpringCGLIB$$4c4a7cf5.invoke(<generated>) org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:684) com.threepoles.controller.UserController$$EnhancerBySpringCGLIB$$4e992520.initLogin(<generated>) com.threepoles.controller.UserController$$FastClassBySpringCGLIB$$4c4a7cf5.invoke(<generated>) org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:746) org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) org.springframework.validation.beanvalidation.MethodValidationInterceptor.invoke(MethodValidationInterceptor.java:112) org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185) org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688) com.threepoles.controller.UserController$$EnhancerBySpringCGLIB$$1f6806ac.initLogin(<generated>) sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) java.lang.reflect.Method.invoke(Method.java:498) org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:209) org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:136) org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102) org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:877) org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:783) org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87) org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:991) org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:925) org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:974) org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:877) javax.servlet.http.HttpServlet.service(HttpServlet.java:661) org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:851) javax.servlet.http.HttpServlet.service(HttpServlet.java:742) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61) org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90) org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83) org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:387) org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362) org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:109) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200) org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198) org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493) org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800) org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800) org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1471) org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) java.lang.Thread.run(Thread.java:748) 解决方式 1.修改数据库编码为utf8mb4 ...

事物注解不生效@Transactional问题 @Transactional(rollbackFor = Exception.class) 原因 shiro框架导致的@Transactional 注解不生效 解决办法 在继承了AuthorizingRealm的类中使用@Lazy注解 用于延迟加载 核心代码 @Lazy @Resource private UserService userService; @Lazy @Resource private UserDao userDao; 全部代码 package com.blog.config.shiro; import com.blog.base.BaseException; import com.blog.entity.Permission; import com.blog.entity.Role; import com.blog.dao.UserDao; import com.blog.service.UserService; import org.apache.shiro.authc.*; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import javax.annotation.Resource; import com.blog.entity.User; import org.springframework.context.annotation.Lazy; import java.util.List; /** * @author imsjw * @Date Created in 22:45 2018/6/17 */ public class ShiroRealm extends AuthorizingRealm { @Lazy @Resource private UserService userService; @Lazy @Resource private UserDao userDao; /** * 授权 * * @param principals * @return */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(); User user = (User) principals.getPrimaryPrincipal(); List<Role> roles = user.getRoles(); for (int i = 0; i < roles.size(); i++) { Role role = roles.get(i); simpleAuthorizationInfo.addRole(role.getId()); List<Permission> permissions = role.getPermissions(); for (int j = 0; j < permissions.size(); j++) { simpleAuthorizationInfo.addStringPermission(permissions.get(j).getId()); } } List<Permission> privilege = user.getPrivilege(); if (privilege != null) { for (int i = 0; i < privilege.size(); i++) { Permission permission = privilege.get(i); simpleAuthorizationInfo.addStringPermission(permission.getId()); } } return simpleAuthorizationInfo; } /** * 登陆认证 * * @param authenticationToken * @return * @throws AuthenticationException */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken; String name = token.getUsername(); User user = userDao.findByEmail(name); if (user == null) { throw new UnknownAccountException("用户不存在"); } String credentials = user.getPassword(); SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(user, credentials, this.getName()); return simpleAuthenticationInfo; } /** * 自定义密码校验 * * @param authenticationToken * @param authenticationInfo * @throws AuthenticationException */ @Override protected void assertCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) throws AuthenticationException { UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken; SimpleAuthenticationInfo info = (SimpleAuthenticationInfo) authenticationInfo; String password = new String(token.getPassword()); User user = (User) info.getPrincipals().getPrimaryPrincipal(); String dataBasePassword = (String) info.getCredentials(); password = userService.loginPasswordEncoder(password, user.getSalt()); if (!password.equals(dataBasePassword)) { throw new IncorrectCredentialsException(); } } }

电脑上先安装redis 导入相对应的jar包 <properties> ... <shiro.redis.version>2.4.2-RELEASE</shiro.redis.version> ... </properties> Redis <!-- redis内存数据库框架 --> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-redis</artifactId> </dependency> shiro 和 redis <dependency> <groupId>org.crazycake</groupId> <artifactId>shiro-redis</artifactId> <version>2.4.2-RELEASE</version> </dependency> session redis <!-- session 使用 redis缓存 --> <dependency> <groupId>org.springframework.session</groupId> <artifactId>spring-session-data-redis</artifactId> </dependency> springboot 配置文件 spring: redis: database: 1 # Redis数据库索引（默认为0） host: 127.0.0.1 port: 6379 password: redis密码

配置 package com.***.config; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Lazy; import org.springframework.stereotype.Component; import javax.annotation.Resource; import javax.servlet.annotation.WebListener; import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSessionEvent; import javax.servlet.http.HttpSessionListener; import java.util.List; /** * session 监听器 * * @author imsjw * @Date Created in 23:05 2018/7/31 */ @Slf4j @WebListener public class SessionListener implements HttpSessionListener { @Override public void sessionCreated(HttpSessionEvent se) { HttpSession session = se.getSession(); } @Override public void sessionDestroyed(HttpSessionEvent se) { } }

思路 使用全局过滤的方式来预防xss注入问题 当然thymeleaf 模板也可以用来预防xss注入 这里采用Jsoup 来防止xss注入 步骤 一 导入jar包 <dependency> <groupId>org.jsoup</groupId> <artifactId>jsoup</artifactId> <version>1.11.3</version> </dependency> 相关代码 一共两个文件 过滤器代码 package com.***.config.xss; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.ArrayList; import java.util.List; import java.util.regex.Matcher; import java.util.regex.Pattern; /** * xss 过滤器 * * @author imsjw * Create Time: 2018/8/10 */ @WebFilter public class XssFilter implements Filter { /** * 白名单 */ public List<String> whiteList = new ArrayList<>(); @Override public void init(FilterConfig filterConfig) throws ServletException { /** * 示例 */ whiteList.add("/user/mgr"); whiteList.add("白名单路径"); } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse resp = (HttpServletResponse) response; if (isWhiteList(req, resp)) { chain.doFilter(request, response); return; } XssHttpServletRequestWrapper xssRequest = new XssHttpServletRequestWrapper((HttpServletRequest) request); chain.doFilter(xssRequest, response); } private boolean isWhiteList(HttpServletRequest request, HttpServletResponse response) { for (int i = 0; i < whiteList.size(); i++) { String servletPath = request.getServletPath(); if (whiteList.get(i).equals(servletPath)) { return true; } } return false; } @Override public void destroy() { } } 过滤代码 ...